This page describes the most basic workflow for importing an externally created CA (i.e created on another EJBCA node), such as the Root CA on an Issuing CA, or the Issuing CA on an OCSP signer.
Import External CA
To import an external CA, do the following:
- In the CA UI, click Certification Authorities under CA Functions to open the Manage Certificate Authorities page.
- Click Import CA Certificate.
- Specify the name of the externally imported CA and then click Choose file to upload the certificate belonging to that CA.
- Click Import CA Certificate to create a proxy for this CA locally, listing it as External CA.
This External CA will naturally not be editable, and the only available actions on the Edit CA page are setting up certain OCSP functionality and the ability to update the certificate (if a new certificate is issued).